Due to increasing reliance on network-accessible computers, network security has become a major issue for organizations and individuals. To help ensure the security of their computers, organizations and individuals frequently install security devices between public networks and their private networks. A goal of such security devices is to prevent unwanted or malicious information from the public network from affecting devices in the private network.
One example of a commonly deployed security device is a firewall. A firewall is a dedicated or virtual device that is configured to permit or deny traffic flows based on an organization's security policies. Firewalls can be implemented at various layers of the network stack, as specified with respect to the Open Systems Interconnection Basic Reference Model (“OSI Reference Model”). For example, a network layer firewall operates at the network layer (i.e., layer three (L3) of the OSI Reference Model) and is referred to as an L3 device or network layer device. As another example, a layer two (L2) firewall operates within the second layer of the OSI Reference Model, also known as the data link layer, to restrict L2 network communications in accordance with an organization's policies. An L3 firewall may provide security features as well as packet forwarding, routing or other L3 functionality. An L2 firewall may provide security features along with switching or other L2 functionality. A third type of firewall, referred to as an application-layer firewall, operates above L3 of the network stack to assemble application-layer data and perform deep packet inspection to identify viruses or network attacks.
Unfortunately, network security devices, like other devices, may fail. For example, a software or hardware problem or a power fault within a security device may cause all or a portion of the security device to stop functioning. When a security device fails, all network traffic flowing between the public network and the private network may cease. For an enterprise that depends on such network traffic, this may be unacceptable, even if the failure lasts only a short time. To minimize the chance of a failure causing all network traffic to cease, a backup security device may be installed. Thus, if the security device that has primary responsibility for performing the security services (i.e., the master security device) fails, the backup security device may be quickly substituted for the master security device. In other words, the failing security device “fails over” to the backup security device. After the failover, the backup security device becomes the master security device.